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DETAILED ACTION 

Response to Amendment 

1 . This office action is in response to the RCE/amendment filed 09/30/08. Claims 1 , 
3, 31 , 33-34, 38, 40-41 , 44 and 46 have been amended; claims 2 and 39 have been 
canceled. 



Response to Arguments 

2. Applicant's arguments filed 09/30/08 have been fully considered but they are not 
persuasive. Applicant argues that Moshir (US 2004/0003266 A1) fails to disclose the 
feature "receiving an indication to ignore the new set of rules and continue operating 
each of the plurality of security engines according to the previous rules when at least 
one of the plurality of security engines has determined that it is not ready to begin using 
the new security policy" (page 19). 

Moshir discloses that the security policies for the plurality of security engines are 
updated according to a scheduled rollout, and each security engine is to report the 
result of the update, whether a success or a failure/error. Specifically, Moshir discloses 
that when one of the security engines has determined that it is not ready to begin using 
the new security policy (i.e., when an update installation failure is detected/reported), all 
security engines receives an indication to ignore the new set of rules and continue 
operating according to the previous rules (i.e., update is removed from all security 
engines and they rollback to their pre-update state) (paragraphs 0030, 0059, 0074- 
0078). 
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Claim Rejections - 35 USC §112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

4. Claims 1, 3-4 and 7-14 are rejected under 35 U.S.C. 112, first paragraph, as 
failing to comply with the written description requirement. The claim(s) contains subject 
matter which was not described in the specification in such a way as to reasonably 
convey to one skilled in the relevant art that the inventor(s), at the time the application 
was filed, had possession of the claimed invention. The amended claim 1 recites the 
limitations "returning a fail value when each of the plurality of security engines has 
determined that it is not ready to begin using the new security policy; returning a pass 
value when each of the plurality of security engines has determined that it is ready to 
begin using the new security policy" (lines 9-12). Whereas the disclosure describes that 
each security engines returns either a failure value or an OK value depending on 
whether the security engine itself has successfully processed the new policy, the 
disclosure does not describe returning the OK/ failure value when each of the security 
engines has successfully/unsuccessfully processed the new policy. Therefore, the 
limitations are considered new matter. Claims 41 is rejected on the same basis as 
claim 1 . For prior art rejection purpose, the limitations are interpreted as "each of the 
security engines returning a fail value when the security engine has determined that it is 
not ready to begin using the new security policy; each of the security engines returning 
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a pass value when the security engine has determined that it is ready to begin using the 
new security policy". 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1, 3-4 and 7-14 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Miliefsky (US 2005/0044418 A1) in view of Moshir et al. (US 
2004/0003266 A1 ) and Date ("An Introduction to Database System"). 

Miliefsky discloses a computing device comprising a plurality of security engines 
each having a current security policy (i.e., an INFOSEC ENGINE with plug-in 
components such as a firewall engine, an antivirus engine, an intrusion detection 
engine, a vulnerability analysis engine, a denial-of-service engine, etc.) (Fig. 7; 
paragraph 0039). Miliefsky also discloses updating the security policies (i.e., performing 
security updates and upgrade patches for the plug-in components) (paragraph 0041). 

Miliefsky does not discloses (i) each of the security engines returning a fail value 
when the security engine has determined that it is not ready to begin using the new 
security policy; (ii) each of the security engines returning a pass value when the security 
engine has determined that it is ready to begin using the new security policy; and (iii) 
receiving an indication to ignore the new set of rules and continue operating each of the 
plurality of security engines according to the previous rules when at least one of the 
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plurality of security engines has determined that it is not ready to begin using the new 
security policy. Moshir discloses a method and system for updating security policies for 
a plurality of security engines (paragraphs 0030, 0059, 0181). Specifically, Moshir 
discloses each of the security engines returning a fail value when the security engine 
has determined that it is not ready to begin using the new security policy (i.e., update 
fails to install properly); each of the security engines returning a pass value when the 
security engine has determined that it is ready to begin using the new security policy 
(i.e., update installs properly); and receiving an indication to ignore the new set of rules 
and continue operating each of the plurality of security engines according to the 
previous rules when at least one of the plurality of security engines has determined that 
it is not ready to begin using the new security (i.e., when an update installation failure is 
detected/reported, update is removed from all security engines and they rollback to their 
pre-update state) (paragraphs 0074-0078). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to incorporate Moshir's 
method of updating security policies into Miliefsky's system. The motivation for doing so 
would have been to leave the network in a usable state in case of a faulty update 
(paragraph 0045). 

Moshir discloses that the security engines receive a system-wide rollback if any 
of the security engines has failed to process the new security policy (i.e., indication to 
ignore the new set of rules and continue using the previous rules); however, Moshir 
does not disclose that the security engines switch to the new policy after receiving a 
system-wide commit command indicating that all updates have been successfully 
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processed. Date, in addition to a system-wide rollback as described in Moshir, 
discloses a two-phase commit protocol used in an update operation involving multiple 
participants whereby each participant starts using updated information after receiving a 
system-wide commit command indicating that all of the participants have successfully 
processed the update (page 463). It would have been obvious to one of ordinary skill in 
the art at the time the invention was made to modify the combined method and system 
of Miliefsky further to utilize a system-wide commit command, as taught by Date. The 
motivation for doing so would have been to guarantee that all updates could happen in 
unison (page 463, 1 st paragraph). 

7. Claims 31-34, 37-38, 40-41 and 44-46 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Moshir in view of Date. Moshir discloses a method comprising: 
receiving an indication of a new security policy to be used (i.e., new antivirus software 
files, a security fix/patch); generating a new set of rules from the new security policy 
(i.e., performing updating of the file/fix/patch) (paragraphs 0030, 0059, 0074-0078); 
returning a fail value when the security engine has determined that it is not ready to 
begin using the new security policy (i.e., update fails to install properly); each of the 
security engines returning a pass value when the security engine has determined that it 
is ready to begin using the new security policy (i.e., update installs properly); and 
continuing using the previous rules when it is determined that the new set of rules are 
not ready for use (i.e., when an update installation failure is detected/reported, update is 
removed from all security engines and they rollback to their pre-update state) 
(paragraphs 0074-0078). 



Application/Control Number: 10/729,530 
Art Unit: 2432 



Page 7 



Moshir discloses that the security engines receive a system-wide rollback if any 
of the security engines has failed to process the new security policy (i.e., indication to 
ignore the new set of rules and continue using the previous rules); however, Moshir 
does not disclose that the security engines switch to the new policy after receiving a 
system-wide commit command indicating that all updates have been successfully 
processed. Date, in addition to a system-wide rollback as described in Moshir, 
discloses a two-phase commit protocol used in an update operation involving multiple 
participants whereby each participant starts using updated information after receiving a 
system-wide commit command indicating that all of the participants have successfully 
processed the update (page 463). It would have been obvious to one of ordinary skill in 
the art at the time the invention was made to modify the combined method and system 
of Moshir to utilize a system-wide commit command, as taught by Date. The motivation 
fordoing so would have been to guarantee that all updates could happen in unison 
(page 463, 1 st paragraph). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MINH DINH whose telephone number is (571)272-3802. 
The examiner can normally be reached on Mon-Fri: 10:00am-6:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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